Hertzbleed Attack
Turning Power Side-Channel Attacks Into Remote Timing Attacks on x86
Software History
WebTV Anecdotes
@sparrowgrine@chaos.social on Twitter
Cursed computing memory hierarchy, feel free to reply with questions about some of the more obscure stuff here, sources are available for all the cursed knowledge in this. pic.twitter.com/pfZ2FmCcy5— @sparrowgrine@chaos.social (@sparrowgrine) October 13, 2021
Lace card - Wikipedia
Tales (anon)
Theories, Solvers and Static Analysis by Abstract Interpretation
The algebraic/model theoretic design of static analyzers uses abstract domains based on representations of properties and pre-calculated property transformer...
Strip
The 8000th Busy Beaver number eludes ZF set theory: new paper by Adam Yedidia and me
I’ve supervised a lot of great student projects in my nine years at MIT, but my inner nerdy teenager has never been as personally delighted by a project as it is right now. To…
What is the '-->' operator in C/C++?
After reading Hidden Features and Dark Corners of C++/STL on comp.lang.c++.moderated, I was completely surprised that the following snippet compiled and worked in both Visual Studio 2008 and G++ 4....
Superoptimizing LLVM
Compilers are caught in a tug-of-war between increasingly exotic architectures and instruction set extensions on one hand, and our desire for advanced progra...
Getting Arbitrary Code Execution from fopen's 2nd Argument
hugeh0ge's blog
Intrinsic Propensity for Vulnerability in Computers? Arbitrary...
The universal Turing machine is generally considered to be the simplest, most abstract model of a computer. This paper reports on the discovery of an accidental arbitrary code execution...
Explaining the Entombed Algorithm
In \cite{entombed}, John Aycock and Tara Copplestone pose an open question, namely the explanation of the mysterious lookup table used in the Entombed Game's Algorithm for two dimensional maze...
A New Era of SSRF - Exploiting URL Parser in Trending Programming Languages!
We propose a new exploit technique that brings a whole-new attack surface to bypass SSRF (Server Side Request Forgery) protections. This is a very general at...
Linux in a Pixel Shader - A RISC-V Emulator for VRChat
Binary Banshees and Digital Demons
The Committee says these things do not exist. The Committee says these things are invisible, not our business, and not something we can or should talk about....
PNG Parser Differential
Pwnkit
Mytkowicz wrong data
Stuxnet - Wikipedia
The RISKS Digest, Volume 14 Issue 44
Someone Just Stole $50 Million from the Biggest Crowdfunded Project Ever. (Humans Can't Be Trusted)
The code behind the biggest crowdfunded project ever was supposed to eliminate the need to trust humans. But humans are tough to take out of the equation.
How one yanked JavaScript package wreaked havoc
When a developer 'unpublished' his work from the NPM JavaScript package registry, it broke dependencies for many other projects -- and highlighted the fragility of the open source ecosystem
Things to commit just before leaving your job
Things to commit just before leaving your job · GitHub
Minesweeper and Logical Circuits
Xerox scanners/photocopiers randomly alter numbers in scanned documents
Xerox scanners/photocopiers randomly alter numbers in scanned documents Please see the “condensed time line” section (the next one) for a time line of how the Xerox saga unfolded. It for example depicts that I did not push the thing to the public right away, but gave Xerox a lot of time before I did so.
ben 🚀 cobalt core! on Twitter
not to oversimplify: first you have to flatten the rock and put lightning inside it— ben 🚀 cobalt core! (@daisyowl) March 15, 2017
World’s First Computer Bug
On September 9, 1947, a team of computer scientists reported the world’s first computer bug—a moth trapped in their computer at Harvard University.
https://twitter.com/suricrasia/status/1380651066778345478
Restrictions on geographic data in China - Wikipedia